I have long held that the prime objective of a security practitioner is to protect the Crown Jewels that reside within a data source. It is necessary to assess the controls we put in place to thwart threats to our data sources. It is vital that we construct the new perimeter directly around those databases. Gone are the days when a firewall provided the appropriate level of security to the enterprise. These infrastructure security devices are great for directing network traffic; however, application threats waltz right through with rule-based approval. Today, I would suggest that we harden our application systems and database systems, treating all connections as remote and as a possible threat.

Threats come in two forms: one is unintentional, the other is completely malicious. Configuration errors and human error occur with such frequency that we need to develop standards, checks, and verification processes designed to prevent, discover, and remedy these problems before they become catastrophes. Malicious threats are more difficult to predict. Trusted partners or employees are the most difficult to thwart due to simple proximity and access capabilities. Proper segregation of duties, access audits, appropriate technical controls, and diligent application of standards are some of the fundamental necessities that must be implemented to make a stand.

Analytical tools may be our best source of business and behavior intelligence to predict threats. We have vast untapped data sources that are traditionally considered business indicators and that are equally useful in the information security space. What I think the future looks like is well-fortified bastions chock full of encryption, access controls, usage logging, and contingency plans designed to enable business, protect data, and provide business continuity should an unforeseen threat emerge.

The next facet of this future is surveillance. This includes not only digital system monitoring, but also physical monitoring. Physical access and control of data is just as important. Equipment and data can just as easily grow legs and walk out the front door as they can leave over the wire. Put simply, we are essentially the eye in the sky, Big Brother style.

It is vital that security practitioners develop a good understanding of how business technology flows and how humans interface with these systems, in order to provide the best solutions and suggestions for properly enabling business while addressing security. A relationship between the CISO, the CIO, and, advisably, other business executives that promotes a common objective and mutual respect will advance information security efforts to protect the Crown Jewels.